US8204215B2 - Method and apparatus for encrypting data - Google Patents

Method and apparatus for encrypting data Download PDF

Info

Publication number
US8204215B2
US8204215B2 US11/946,269 US94626907A US8204215B2 US 8204215 B2 US8204215 B2 US 8204215B2 US 94626907 A US94626907 A US 94626907A US 8204215 B2 US8204215 B2 US 8204215B2
Authority
US
United States
Prior art keywords
random number
counter
data
packet
bit representing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related, expires
Application number
US11/946,269
Other versions
US20080130881A1 (en
Inventor
Yong-kuk You
Seong-Soo Kim
Sang-su Choi
So-Young Lee
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Samsung Electronics Co Ltd
Original Assignee
Samsung Electronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Samsung Electronics Co Ltd filed Critical Samsung Electronics Co Ltd
Priority to US11/946,269 priority Critical patent/US8204215B2/en
Assigned to SAMSUNG ELECTRONICS CO., LTD. reassignment SAMSUNG ELECTRONICS CO., LTD. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: CHOI, SANG-SU, KIM, SEONG-SOO, LEE, SO-YOUNG, YOU, YONG-KUK
Assigned to SAMSUNG ELECTRONICS CO., LTD. reassignment SAMSUNG ELECTRONICS CO., LTD. CORRECTIVE ASSIGNMENT TO CORRECT THE COUNTRY OF THE ASSIGNEE PREVIOUSLY RECORDED ON REEL 020203 FRAME 0510. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT OF ASSIGNOR'S INTEREST. Assignors: CHOI, SANG-SU, KIM, SEONG-SOO, LEE, SO-YOUNG, YOU, YONG-KUK
Publication of US20080130881A1 publication Critical patent/US20080130881A1/en
Application granted granted Critical
Publication of US8204215B2 publication Critical patent/US8204215B2/en
Expired - Fee Related legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0637Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/08Randomization, e.g. dummy operations or using noise

Definitions

  • Methods and apparatuses consistent with the present invention relate to encrypting data, and more particularly, to encrypting data in a digital transmission content protection (DTCP) standard.
  • DTCP digital transmission content protection
  • the DTCP standard was developed as a protocol for audio/video (AV) data transmission protection between devices connected in accordance with the Institute of Electrical and Electronics Engineers (IEEE) 1394 standard, and has been extended for protection of AV data transmitted by universal serial bus (USB), media oriented systems transport (MOST), Bluetooth, or Internet protocol (IP).
  • IEEE Institute of Electrical and Electronics Engineers
  • the original purpose of the DTCP standard was to transmit compressed AV data.
  • the DTCP standard can also be used for transmitting all types of data regardless of their content format.
  • Algorithms used for encrypting data in accordance with the DTCP standard include M6 and a cipher block chaining (CBC) mode of the advanced encryption standard (AES) using a 128-bit key.
  • CBC mode of AES is a more stable algorithm.
  • FIG. 1 is a diagram illustrating a related art encryption algorithm in a CBC mode of the AES, showing encryption and decryption processes.
  • data is divided into 128-bit data blocks P 1 through Pn, and AES encryption is performed respectively on the data blocks P 1 through Pn.
  • the data block P 1 is added to an initial value (IV) and then encrypted using an encryption key Ek, to generate encrypted data C 1 .
  • the data block P 2 is added to the encrypted data C 1 and the result is encrypted using the encryption key Ek to generate encrypted data C 2 is generated.
  • encrypted data C 1 through Cn is generated using the data blocks P 1 through Pn.
  • the decryption process is the inverse process of the encryption process.
  • the encrypted data C 1 is decrypted using a decryption key Dk and the result is added to an initial value IV to obtain the data block P 1 .
  • the encrypted data C 2 is decrypted using the decryption key Dk and the result is added to the encrypted data C 1 to obtain the data block P 2 .
  • the data blocks P 1 through Pn are obtained.
  • the related art encryption algorithm using the CBC mode of the AES requires more time for encryption and decryption. Additionally, each encryption or decryption is affected by the previous encryption or decryption result.
  • a counter mode of the AES can be used.
  • FIG. 2 is a diagram illustrating a related art encryption algorithm in a counter mode of the AES, showing encryption and decryption processes.
  • data is divided into 128-bit data blocks P 1 through Pm, a number of counters t 1 through tm corresponding to the number of the data blocks P 1 through Pm are generated, and AES encryption is performed on the data blocks P 1 through Pm using the counters t 1 through tm.
  • the counters t 1 through tm are predetermined values regardless of the data blocks P 1 through Pm.
  • counters t 2 through tm are set by adding 1 to the previous counter.
  • a counter t 2 is set by adding 1 to an initial counter t 1
  • a counter t 3 is set by adding 1 to the counter t 2 .
  • the counters t 1 through tm are encrypted using an encryption key Ek and then an exclusive OR operation is performed on the encrypted counters t 1 through tm and the data blocks P 1 through Pm, respectively. Thus, encrypted data C 1 through Cm are generated.
  • the decryption process is the inverse process of the encryption process.
  • the counter t 1 is encrypted using the encryption key Ek and then an exclusive OR operation is performed on the encrypted counter t 1 and the encrypted data C 1 .
  • the original data block P 1 is obtained.
  • Data blocks P 2 through Pn may be obtained in the same manner as the data block P 1 .
  • the encryption algorithm in the counter mode of the AES does not rely on a previous AES encryption result, enabling parallel encryption and decryption and increasing encryption speed.
  • the counter mode of the AES is not included in the DTCP standard, and has weaknesses.
  • the counters in the counter mode of the AES can be predicted in advance, and a third party can recreate original data from encrypted data if a plurality of data blocks are encrypted using the same encryption key and the same counter.
  • Exemplary embodiments of the present invention overcome the above disadvantages and other disadvantages not described above. Also, the present invention is not required to overcome the disadvantages described above, and an exemplary embodiment of the present invention may not overcome any of the problems described above.
  • the present invention provides a method and apparatus for encrypting data quickly and reliably in accordance with a DTCP standard.
  • a method of encrypting data including dividing data in packet units into N data blocks; generating an initial counter value using a random number used for generating an encryption key for encrypting the data blocks; generating N counter values by increasing the initial value by a predetermined value N times and encrypting the N counter values using the encryption key; and performing an exclusive OR operation on the N encrypted counter values and the N data blocks.
  • Each of the counter values may include a bit for representing the random number, a bit for representing a transferred data block number, and a bit for representing a counter.
  • Each of the counter values may include a bit for representing the random number, a bit for representing an additional random number which is different from the random number, and a bit for representing a counter.
  • the method may further include generating a packet formed of a predetermined number of data blocks from among the N data blocks on which an exclusive OR operation is performed with the N encrypted counter values, and each of the counter values may include a bit for representing the random number, and a bit for representing partial information of the packet.
  • Each of the counter values may further include a bit for representing a counter.
  • the method may further include generating a packet formed of a predetermined number of data blocks from among the N data blocks on which an exclusive OR operation is performed with the N encrypted counter values, and each of the counter values may include a bit for representing the random number, a bit for representing a number of the packet, and a bit for representing a counter.
  • the method may further include generating a packet formed of a predetermined number of data blocks from among the N data blocks on which an exclusive OR operation is performed with the N encrypted counter values, and the initial counter value may be changed for each packet.
  • the initial counter value may be increased by a predetermined value for each packet.
  • the method may further include generating the encryption key, and the generating of the encryption key may include generating the encryption key based on copy control information of the data, the random number, and an exchange key shared by apparatuses for encrypting and decrypting data.
  • the random number may be periodically changed, and may be periodically increased by a predetermined value.
  • Each data block may be 128 bits, each counter value may be 128 bits, and the random number may be equal to or greater than 64 bits.
  • the packet may include a region which represents the random number, and may include a region which represents whether the random number is an odd number or an even number in order to represent whether the random number has changed.
  • an apparatus for encrypting data including a data division unit which divides data in packet units into N data blocks; a random number generation unit which generates a random number used for generating an encryption key for encrypting the data blocks; a counter generation unit which generates an initial counter value using the random number and generates N counter values by increasing the initial value by a predetermined value N times; an encryption unit which encrypts the N counter values using the encryption key; and an operation unit which performs an exclusive OR operation on the N encrypted counter values and the N data blocks.
  • the apparatus may further include a packet generation unit which generates a packet formed of a predetermined number of data blocks from among the N data blocks on which an exclusive OR operation is performed with the N encrypted counter values.
  • the apparatus may further include an encryption key generation unit which generates the encryption key, wherein the encryption key generation unit generates the encryption key based on copy control information of the data, the random number, and an exchange key shared by apparatuses for encrypting and decrypting data.
  • a computer readable recording medium having recorded thereon a computer program for executing a method of encrypting data, the method including dividing data in packet units into N data blocks; generating an initial counter value using a random number used for generating an encryption key for encrypting the data blocks; generating N counter values by increasing the initial value by a predetermined value N times and encrypting the N counter values using the encryption key; and performing an exclusive OR operation on the N encrypted counter values and the N data blocks.
  • FIG. 1 is a diagram illustrating a related art encryption algorithm in a CBC mode of the AES
  • FIG. 2 is a diagram illustrating a related art encryption algorithm in a counter mode of the AES
  • FIG. 3 is a diagram of an apparatus for encrypting data, according to an exemplary embodiment of the present invention.
  • FIG. 4 is a diagram showing the structure of a packet in accordance with a DTCP/IEEE 1394 standard
  • FIG. 5 is a diagram showing the structure of a packet in accordance with a DTCP/IP standard.
  • FIG. 6 is a flowchart illustrating a method of encrypting data, according to an exemplary embodiment of the present invention.
  • FIG. 3 is a diagram of an apparatus for encrypting data, according to an exemplary embodiment of the present invention.
  • the apparatus includes a data division unit 310 , a random number generation unit 320 , a counter generation unit 330 , an encryption unit 340 , and an operation unit 350 .
  • the data division unit 310 divides data in packet units into N data blocks.
  • N is a natural number equal to or greater than 2.
  • the data may be divided into 128-bit data blocks according to the current exemplary embodiment, but the present invention is not limited thereto.
  • the data may also be divided into different sized data blocks.
  • the random number generation unit 320 generates a random number to be used to generate an encryption key for encrypting the data blocks.
  • the random number may be periodically increased by a predetermined value, for example, 1.
  • a plurality of data blocks may be encrypted using the same encryption key generated using the same random number.
  • the apparatus for encrypting data may further include an encryption key generation unit (not shown) which generates an encryption key.
  • the encryption unit 340 encrypts a counter value using the encryption key generated by the encryption key generation unit.
  • the encryption key generation unit generates the encryption key based on copy control information of the data, the random number, and an exchange key shared by the apparatus for encrypting data according to an exemplary embodiment of the present invention and an apparatus for decrypting data which decrypts the data encrypted by the apparatus for encrypting data.
  • the encryption key generation unit periodically and randomly generates the exchange key, and the random number generation unit also periodically and randomly generates the random number.
  • the cycle for generating the random number is shorter than the cycle for generating the exchange key. That is, the random number is generated more frequently than the exchange key.
  • the encryption key may be generated using a function shared by the apparatuses for encrypting and decrypting data, as in Mathematical Formula 1.
  • K C J - AES ⁇ ( K X , f ⁇ [ EMI ] x ⁇ N C ) ⁇ ⁇
  • J-AES represents the function shared by the apparatuses for encrypting and decrypting data
  • Kx represents the exchange key
  • EMI encryption mode indicator
  • Nc represents the random number.
  • f[ ] is an operator which converts each EMI into an appropriate constant.
  • f[ ] may convert a 2-bit EMI into a 96-bit constant.
  • the EMI may have a plurality of modes.
  • ‘copy-never’, ‘copy-one-generation’, and ‘no-more-copy’ may be set respectively to Modes A, B and C.
  • An encryption key Kc is changed in accordance with the mode of EMI, and changes of the exchange key Kx and the random number Nc.
  • the apparatus for decrypting data When the encryption key is generated by the apparatus for encrypting data as described above, the apparatus for decrypting data also has to have the encryption key in order to decrypt the data encrypted using the encryption key.
  • the apparatus for encrypting data periodically and randomly generates the exchange key, encrypts the exchange key using an authentication key shared by the apparatuses for encrypting and decrypting data, and transfers the encrypted exchange key to the apparatus for decrypting data.
  • the apparatus for decrypting data decrypts the encrypted exchange key using the authentication key and extracts the exchange key.
  • the apparatus for encrypting data periodically and randomly generates the random number and transfers the random number to the apparatus for decrypting data.
  • the random number is not separately transferred but is recorded in a header of a packet when the apparatus for encrypting data transfers data in the form of a packet to the apparatus for decrypting data.
  • the EMI which is the copy control information of the data, is recorded and transferred in the packet.
  • FIG. 4 is a diagram showing the structure of a packet in accordance with a DTCP/IEEE 1394 standard.
  • FIG. 4 shows an EMI region 410 and an Odd/Even region 420 .
  • the EMI region 410 represents an EMI, which is copy control information of data in a header of the packet
  • the Odd/Even region 420 represents whether a random number is an odd number or an even number in order to represent whether the random number has changed.
  • the above-described packet does not have a region which represents the random number itself, and it is assumed that a counter value is increased by a predetermined value in a counter mode. For example, if the counter value increases by 1, odd and even numbers are represented alternately in the Odd/Even region 420 .
  • FIG. 5 is a diagram showing the structure of a packet in accordance with a DTCP/IP standard
  • a header of the packet includes an extended encryption mode indicator (E-EMI) region 510 which represents an EMI, which is copy control information of data, and a random number region 520 which represents a random number.
  • E-EMI extended encryption mode indicator
  • the EMI region 410 illustrated in FIG. 4 is 2 bits, while the E-EMI region illustrated in FIG. 5 is 4 bits and may include more modes than the EMI region 410 illustrated in FIG. 4 .
  • the random number region 520 represents the random number N c generated by the random number generation unit 320 illustrated in FIG. 3 .
  • the random number N c may be 64 bits as in FIG. 5 .
  • the apparatus for decrypting data uses the exchange key, the random number, and the copy control information of the data generated as described above to generate an encryption key which is identical to the encryption key of the apparatus for encrypting data and is also used for decrypting the encrypted data.
  • the counter generation unit 330 generates an initial counter value using the random number generated by the random number generation unit 320 , and generates N counter values by increasing the initial counter value by a predetermined value N times.
  • the random number used for generating the encryption key is reused for generating the counter value. Accordingly, a fewer number of operations are required in comparison with the case when a random number for generating an encryption key and a random number for generating a counter value are generated separately.
  • the encryption unit 340 encrypts the N counter values into encryption keys.
  • the operation unit 350 encrypts each of the data blocks by performing an exclusive OR operation on the encrypted counter values and the data blocks.
  • the counter generation unit 330 generates the initial counter value which may be formed as in Mathematical Formula 2. N c
  • N c represents the random number
  • count represents a counter
  • the initial counter value is 128 bits, it may be formed of a 64-bit random number and a 64-bit counter. In this case, the counter may be disposed in front of the random number.
  • the counter count may start at 0 but is not limited thereto.
  • the counter values are determined by increasing the counter of Mathematical Formula 2 by the predetermined value. For example, if the counter is 4 bits and the counter of the initial counter value is 0000, the counter may be changed and increased by 1 to 0001, 0010, 0011 and so on. However, if the counter is increased to 1111, the next value of the counter 1111 is 0000 again.
  • the counters may repeat the same values after they return again to 0000 as in the above-described example.
  • a third party can recreate original data from encrypted data if a plurality of data blocks are encrypted using the same encryption key and the same counter.
  • the counter generation unit 330 needs to generate the counter values by changing composition forms of the counter values such that the same encryption keys do not have the same counter value.
  • the counter generation unit 330 may generate the counter value to include a bit for representing a random number N c , a bit for representing a number of transferred data blocks datablock no , and a bit for representing the counter count as in Mathematical Formula 3.
  • the counter value may include a bit for representing a 64-bit random number, a bit for representing a 32-bit transferred data block number, and a bit for representing a 32-bit counter.
  • datablock no of a counter for encrypting a data block after 100 data blocks are transferred is 101 .
  • each data block has a different value of datablock no , and the same counter value is not used for the same encryption keys when the data is encrypted.
  • datablock no is represented in a header of the packet, transferred to the apparatus for decrypting data, and used for calculating the counter value required for decrypting the packet.
  • the apparatus for encrypting data may further include a packet generating unit (not shown) which generates a packet including a predetermined number of data blocks.
  • a packet generating unit (not shown) which generates a packet including a predetermined number of data blocks.
  • each data block is included in the packet after an exclusive OR operation is performed on the data block and the counter value encrypted using the encryption key.
  • the counter generation unit 330 may generate the counter value to include a bit for representing the random number N c , a bit for representing an additional random number N c2 which is different from the random number N c , and a bit for representing the counter count as in Mathematical Formula 4.
  • the counter value may include a bit for representing a 64-bit random number, a bit for representing a 32-bit additional random number, and a bit for representing a 32-bit counter.
  • the random number generation unit 320 has to generate the additional random number N c2 as well as the random number N c for generating the encryption key. Accordingly, more operation is required than in the case when only one random number N c is generated. However, since two random numbers N c and N c2 are used, the operation is more stable than when only one random number N c is used.
  • the additional random number N c2 is represented in the header of the packet, transferred to the apparatus for decrypting data, and used for calculating the counter value required for decrypting the packet.
  • the counter generation unit 330 may generate the counter value to include a bit for the random number N c , a bit for representing a packet number packet no , and a bit for representing the counter count as in Mathematical Formula 5.
  • the counter value may include a bit for representing a 64-bit random number, a bit for representing a 32-bit packet number, and a bit for representing a 32-bit counter.
  • the packet number packets no of the counter value to be used for encrypting a data block included in a first packet is 1 and the packet number packets no of the counter value to be used for encrypting a data block included in a second packet is 2.
  • packets no is recalculated from when the random number N c is changed. Accordingly, packet no of a first packet after the random number N c is changed is set to 1.
  • the same counter value is not used for the same encryption keys when the data is encrypted.
  • packet no is represented in the header of the packet, transferred to the apparatus for decrypting data, and used for calculating the counter value required for decrypting the packet.
  • the counter generation unit 330 may generate the counter value to include a bit for the random number N c and a bit for representing partial information data part of a packet as in Mathematical Formula 6. N c
  • the counter value may include a bit for representing a 64-bit random number, and a bit for representing 64-bit partial information of the packet.
  • the partial information of the packet can be used as the counter value because information of each packet has randomness and the counter value can be kept different from other counter values using the randomness.
  • a counter may be further included in the counter value of Mathematical Formula 6.
  • the counter value may include a bit for representing a 64-bit random number, a bit for representing 32-bit partial information of the packet, and a bit for representing a 32-bit counter.
  • the counter generation unit 330 may determine the initial counter value to be changed for each packet.
  • the random number N c may be changed by adding a predetermined value for each packet.
  • FIG. 6 is a flowchart illustrating a method of encrypting data, according to an exemplary embodiment of the present invention.
  • data in packet units is divided into N data blocks.
  • an initial counter value is generated using a random number used for generating an encryption key for encrypting the data blocks.
  • N counter values are generated by increasing the initial value by a predetermined value N times, and the N counter values are encrypted using the encryption key.
  • an exclusive OR operation is performed on the encrypted counter values and the data blocks.
  • the exemplary embodiments of the present invention can be written as computer programs and can be implemented in general-use digital computers that execute the programs using a computer readable recording medium.
  • Examples of the computer readable recording medium include magnetic storage media (e.g. ROM, floppy disks, hard disks, etc.), and optical recording media (e.g. CD-ROMs, or DVDs).
  • the exemplary embodiments of the present invention allow fast and stable data encryption by dividing data in packet units into N data blocks, generating an initial counter value using a random number used for generating an encryption key for encrypting the data blocks, generating N counter values by increasing the initial value by a predetermined value N times, encrypting the N counter values using the encryption key, and performing an exclusive OR operation on the encrypted counter values and the data blocks.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

A method of encrypting data is provided. The method includes dividing data in packet units into N data blocks; generating an initial counter value using a random number used for generating an encryption key for encrypting the data blocks; generating N counter values by increasing the initial value by a predetermined value N times and encrypting the N counter values using the encryption key; and performing an exclusive OR operation on the N encrypted counter values and the N data blocks.

Description

CROSS-REFERENCE TO RELATED PATENT APPLICATION
This application claims priority from U.S. Provisional Application No. 60/872,501, filed on Dec. 4, 2006 in the U.S. Patent and Trademark Office, and Korean Patent Application No. 10-2007-0029367, filed on Mar. 26, 2007 in the Korean Intellectual Property Office, the disclosure of which is incorporated herein in its entirety by reference.
BACKGROUND OF THE INVENTION
1. Field of the Invention
Methods and apparatuses consistent with the present invention relate to encrypting data, and more particularly, to encrypting data in a digital transmission content protection (DTCP) standard.
2. Description of the Related Art
The DTCP standard was developed as a protocol for audio/video (AV) data transmission protection between devices connected in accordance with the Institute of Electrical and Electronics Engineers (IEEE) 1394 standard, and has been extended for protection of AV data transmitted by universal serial bus (USB), media oriented systems transport (MOST), Bluetooth, or Internet protocol (IP). The original purpose of the DTCP standard was to transmit compressed AV data. However, the DTCP standard can also be used for transmitting all types of data regardless of their content format. Algorithms used for encrypting data in accordance with the DTCP standard include M6 and a cipher block chaining (CBC) mode of the advanced encryption standard (AES) using a 128-bit key. The CBC mode of AES is a more stable algorithm.
Currently, demands for communication of non-compressed AV data through a wireless communication system having a transmission rate of several gigabits per second (Gbps) by using a tens of gigahertz (GHz) band have increased, and thus related technologies are being actively developed. The DTCP standard can also be applied to the above-described data communication technologies. In this case, the size of the transmission data is large, requiring a high-speed encryption algorithm.
FIG. 1 is a diagram illustrating a related art encryption algorithm in a CBC mode of the AES, showing encryption and decryption processes.
In the encryption process, data is divided into 128-bit data blocks P1 through Pn, and AES encryption is performed respectively on the data blocks P1 through Pn.
The data block P1 is added to an initial value (IV) and then encrypted using an encryption key Ek, to generate encrypted data C1. The data block P2 is added to the encrypted data C1 and the result is encrypted using the encryption key Ek to generate encrypted data C2 is generated. In the same manner, encrypted data C1 through Cn is generated using the data blocks P1 through Pn.
The decryption process is the inverse process of the encryption process.
In the decryption process, the encrypted data C1 is decrypted using a decryption key Dk and the result is added to an initial value IV to obtain the data block P1. The encrypted data C2 is decrypted using the decryption key Dk and the result is added to the encrypted data C1 to obtain the data block P2. In the same manner, the data blocks P1 through Pn are obtained.
As described above, the related art encryption algorithm using the CBC mode of the AES requires more time for encryption and decryption. Additionally, each encryption or decryption is affected by the previous encryption or decryption result.
To solve the above-mentioned problem, a counter mode of the AES can be used.
FIG. 2 is a diagram illustrating a related art encryption algorithm in a counter mode of the AES, showing encryption and decryption processes.
In the encryption process, data is divided into 128-bit data blocks P1 through Pm, a number of counters t1 through tm corresponding to the number of the data blocks P1 through Pm are generated, and AES encryption is performed on the data blocks P1 through Pm using the counters t1 through tm.
In this case, the counters t1 through tm are predetermined values regardless of the data blocks P1 through Pm. In general, counters t2 through tm are set by adding 1 to the previous counter. For example, a counter t2 is set by adding 1 to an initial counter t1, and a counter t3 is set by adding 1 to the counter t2.
The counters t1 through tm are encrypted using an encryption key Ek and then an exclusive OR operation is performed on the encrypted counters t1 through tm and the data blocks P1 through Pm, respectively. Thus, encrypted data C1 through Cm are generated.
The decryption process is the inverse process of the encryption process.
In the decryption process, the counter t1 is encrypted using the encryption key Ek and then an exclusive OR operation is performed on the encrypted counter t1 and the encrypted data C1. Thus, the original data block P1 is obtained. Data blocks P2 through Pn may be obtained in the same manner as the data block P1.
The encryption algorithm in the counter mode of the AES does not rely on a previous AES encryption result, enabling parallel encryption and decryption and increasing encryption speed.
However, the counter mode of the AES is not included in the DTCP standard, and has weaknesses. The counters in the counter mode of the AES can be predicted in advance, and a third party can recreate original data from encrypted data if a plurality of data blocks are encrypted using the same encryption key and the same counter.
SUMMARY OF THE INVENTION
Exemplary embodiments of the present invention overcome the above disadvantages and other disadvantages not described above. Also, the present invention is not required to overcome the disadvantages described above, and an exemplary embodiment of the present invention may not overcome any of the problems described above.
The present invention provides a method and apparatus for encrypting data quickly and reliably in accordance with a DTCP standard.
According to an aspect of the present invention, there is provided a method of encrypting data, the method including dividing data in packet units into N data blocks; generating an initial counter value using a random number used for generating an encryption key for encrypting the data blocks; generating N counter values by increasing the initial value by a predetermined value N times and encrypting the N counter values using the encryption key; and performing an exclusive OR operation on the N encrypted counter values and the N data blocks.
Each of the counter values may include a bit for representing the random number, a bit for representing a transferred data block number, and a bit for representing a counter.
Each of the counter values may include a bit for representing the random number, a bit for representing an additional random number which is different from the random number, and a bit for representing a counter.
The method may further include generating a packet formed of a predetermined number of data blocks from among the N data blocks on which an exclusive OR operation is performed with the N encrypted counter values, and each of the counter values may include a bit for representing the random number, and a bit for representing partial information of the packet.
Each of the counter values may further include a bit for representing a counter.
The method may further include generating a packet formed of a predetermined number of data blocks from among the N data blocks on which an exclusive OR operation is performed with the N encrypted counter values, and each of the counter values may include a bit for representing the random number, a bit for representing a number of the packet, and a bit for representing a counter.
The method may further include generating a packet formed of a predetermined number of data blocks from among the N data blocks on which an exclusive OR operation is performed with the N encrypted counter values, and the initial counter value may be changed for each packet.
The initial counter value may be increased by a predetermined value for each packet.
The method may further include generating the encryption key, and the generating of the encryption key may include generating the encryption key based on copy control information of the data, the random number, and an exchange key shared by apparatuses for encrypting and decrypting data.
The random number may be periodically changed, and may be periodically increased by a predetermined value.
Each data block may be 128 bits, each counter value may be 128 bits, and the random number may be equal to or greater than 64 bits.
The packet may include a region which represents the random number, and may include a region which represents whether the random number is an odd number or an even number in order to represent whether the random number has changed.
According to another aspect of the present invention, there is provided an apparatus for encrypting data, the apparatus including a data division unit which divides data in packet units into N data blocks; a random number generation unit which generates a random number used for generating an encryption key for encrypting the data blocks; a counter generation unit which generates an initial counter value using the random number and generates N counter values by increasing the initial value by a predetermined value N times; an encryption unit which encrypts the N counter values using the encryption key; and an operation unit which performs an exclusive OR operation on the N encrypted counter values and the N data blocks.
The apparatus may further include a packet generation unit which generates a packet formed of a predetermined number of data blocks from among the N data blocks on which an exclusive OR operation is performed with the N encrypted counter values.
The apparatus may further include an encryption key generation unit which generates the encryption key, wherein the encryption key generation unit generates the encryption key based on copy control information of the data, the random number, and an exchange key shared by apparatuses for encrypting and decrypting data.
According to another aspect of the present invention, there is provided a computer readable recording medium having recorded thereon a computer program for executing a method of encrypting data, the method including dividing data in packet units into N data blocks; generating an initial counter value using a random number used for generating an encryption key for encrypting the data blocks; generating N counter values by increasing the initial value by a predetermined value N times and encrypting the N counter values using the encryption key; and performing an exclusive OR operation on the N encrypted counter values and the N data blocks.
BRIEF DESCRIPTION OF THE DRAWINGS
The above and other aspects of the present invention will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawings in which:
FIG. 1 is a diagram illustrating a related art encryption algorithm in a CBC mode of the AES;
FIG. 2 is a diagram illustrating a related art encryption algorithm in a counter mode of the AES;
FIG. 3 is a diagram of an apparatus for encrypting data, according to an exemplary embodiment of the present invention;
FIG. 4 is a diagram showing the structure of a packet in accordance with a DTCP/IEEE 1394 standard;
FIG. 5 is a diagram showing the structure of a packet in accordance with a DTCP/IP standard; and
FIG. 6 is a flowchart illustrating a method of encrypting data, according to an exemplary embodiment of the present invention.
DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENTS OF THE INVENTION
The present invention will now be described in detail by explaining exemplary embodiments of the invention with reference to the attached drawings.
FIG. 3 is a diagram of an apparatus for encrypting data, according to an exemplary embodiment of the present invention.
Referring to FIG. 3, the apparatus includes a data division unit 310, a random number generation unit 320, a counter generation unit 330, an encryption unit 340, and an operation unit 350.
The data division unit 310 divides data in packet units into N data blocks. N is a natural number equal to or greater than 2.
In this case, the data may be divided into 128-bit data blocks according to the current exemplary embodiment, but the present invention is not limited thereto. The data may also be divided into different sized data blocks.
The random number generation unit 320 generates a random number to be used to generate an encryption key for encrypting the data blocks.
The random number may be periodically increased by a predetermined value, for example, 1. In this case, a plurality of data blocks may be encrypted using the same encryption key generated using the same random number.
Preferably, the apparatus for encrypting data according to an exemplary embodiment of the present invention may further include an encryption key generation unit (not shown) which generates an encryption key. The encryption unit 340 encrypts a counter value using the encryption key generated by the encryption key generation unit.
The encryption key generation unit generates the encryption key based on copy control information of the data, the random number, and an exchange key shared by the apparatus for encrypting data according to an exemplary embodiment of the present invention and an apparatus for decrypting data which decrypts the data encrypted by the apparatus for encrypting data.
The encryption key generation unit periodically and randomly generates the exchange key, and the random number generation unit also periodically and randomly generates the random number.
In this case, the cycle for generating the random number is shorter than the cycle for generating the exchange key. That is, the random number is generated more frequently than the exchange key.
Based on the exchange key and the random number generated as described above and the copy control information of the data, the encryption key may be generated using a function shared by the apparatuses for encrypting and decrypting data, as in Mathematical Formula 1.
K C = J - AES ( K X , f [ EMI ] x N C ) Where : f [ EMI ] { f [ EMI ] = C a when EMI = Mode A f [ EMI ] = C b when EMI = Mode B f [ EMI ] = C c when EMI = Mode C } ( 1 )
J-AES represents the function shared by the apparatuses for encrypting and decrypting data, Kx represents the exchange key, EMI (encryption mode indicator) represents the copy control information of the data, and Nc represents the random number.
In this case, f[ ] is an operator which converts each EMI into an appropriate constant. For example, f[ ] may convert a 2-bit EMI into a 96-bit constant.
Additionally, the EMI may have a plurality of modes. For example, ‘copy-never’, ‘copy-one-generation’, and ‘no-more-copy’ may be set respectively to Modes A, B and C.
An encryption key Kc is changed in accordance with the mode of EMI, and changes of the exchange key Kx and the random number Nc.
When the encryption key is generated by the apparatus for encrypting data as described above, the apparatus for decrypting data also has to have the encryption key in order to decrypt the data encrypted using the encryption key.
A method of generating the encryption key, performed by the apparatus for decrypting data, will now be described.
The apparatus for encrypting data periodically and randomly generates the exchange key, encrypts the exchange key using an authentication key shared by the apparatuses for encrypting and decrypting data, and transfers the encrypted exchange key to the apparatus for decrypting data.
The apparatus for decrypting data decrypts the encrypted exchange key using the authentication key and extracts the exchange key.
Then, the apparatus for encrypting data periodically and randomly generates the random number and transfers the random number to the apparatus for decrypting data. However, under certain circumstances, the random number is not separately transferred but is recorded in a header of a packet when the apparatus for encrypting data transfers data in the form of a packet to the apparatus for decrypting data. When the packet is transferred, the EMI, which is the copy control information of the data, is recorded and transferred in the packet.
FIG. 4 is a diagram showing the structure of a packet in accordance with a DTCP/IEEE 1394 standard.
FIG. 4 shows an EMI region 410 and an Odd/Even region 420. The EMI region 410 represents an EMI, which is copy control information of data in a header of the packet, and the Odd/Even region 420 represents whether a random number is an odd number or an even number in order to represent whether the random number has changed.
The above-described packet does not have a region which represents the random number itself, and it is assumed that a counter value is increased by a predetermined value in a counter mode. For example, if the counter value increases by 1, odd and even numbers are represented alternately in the Odd/Even region 420.
FIG. 5 is a diagram showing the structure of a packet in accordance with a DTCP/IP standard
Referring to FIG. 5, a header of the packet includes an extended encryption mode indicator (E-EMI) region 510 which represents an EMI, which is copy control information of data, and a random number region 520 which represents a random number.
Here, the EMI region 410 illustrated in FIG. 4 is 2 bits, while the E-EMI region illustrated in FIG. 5 is 4 bits and may include more modes than the EMI region 410 illustrated in FIG. 4.
The random number region 520 represents the random number Nc generated by the random number generation unit 320 illustrated in FIG. 3. The random number Nc may be 64 bits as in FIG. 5.
Referring back to FIG. 3, the apparatus for decrypting data uses the exchange key, the random number, and the copy control information of the data generated as described above to generate an encryption key which is identical to the encryption key of the apparatus for encrypting data and is also used for decrypting the encrypted data.
The counter generation unit 330 generates an initial counter value using the random number generated by the random number generation unit 320, and generates N counter values by increasing the initial counter value by a predetermined value N times.
According to an exemplary embodiment of the present invention, the random number used for generating the encryption key is reused for generating the counter value. Accordingly, a fewer number of operations are required in comparison with the case when a random number for generating an encryption key and a random number for generating a counter value are generated separately.
The detailed operation of the counter generation unit 330 will be described later with reference to Mathematical Formulae 2 through 6.
The encryption unit 340 encrypts the N counter values into encryption keys.
The operation unit 350 encrypts each of the data blocks by performing an exclusive OR operation on the encrypted counter values and the data blocks.
The operation of the counter generation unit 330 will now be described.
First, the counter generation unit 330 generates the initial counter value which may be formed as in Mathematical Formula 2.
Nc|count  (2)
Here, Nc represents the random number, and count represents a counter.
For example, if the initial counter value is 128 bits, it may be formed of a 64-bit random number and a 64-bit counter. In this case, the counter may be disposed in front of the random number.
The counter count may start at 0 but is not limited thereto.
The counter values are determined by increasing the counter of Mathematical Formula 2 by the predetermined value. For example, if the counter is 4 bits and the counter of the initial counter value is 0000, the counter may be changed and increased by 1 to 0001, 0010, 0011 and so on. However, if the counter is increased to 1111, the next value of the counter 1111 is 0000 again.
The counters may repeat the same values after they return again to 0000 as in the above-described example.
In the encryption algorithm using the counter mode of the AES, a third party can recreate original data from encrypted data if a plurality of data blocks are encrypted using the same encryption key and the same counter.
Accordingly, if the random number is not changed and only the counter is changed, the same counter value may be reused while the encryption key is not changed. Therefore, the counter generation unit 330 needs to generate the counter values by changing composition forms of the counter values such that the same encryption keys do not have the same counter value.
Examples of the counter values generated by changing values in order to prevent the counter generation unit 330 from reusing the same counter value will now be described.
First, the counter generation unit 330 may generate the counter value to include a bit for representing a random number Nc, a bit for representing a number of transferred data blocks datablockno, and a bit for representing the counter count as in Mathematical Formula 3.
In this case, if the random number Nc is changed, datablockno is recalculated from when the random number Nc is changed. Accordingly, datablockno of a first data block after the random number Nc is changed is set to 0.
Nc|datablockno|count  (3)
For example, the counter value may include a bit for representing a 64-bit random number, a bit for representing a 32-bit transferred data block number, and a bit for representing a 32-bit counter.
In this case, datablockno of a counter for encrypting a data block after 100 data blocks are transferred is 101. Thus, each data block has a different value of datablockno, and the same counter value is not used for the same encryption keys when the data is encrypted.
If the data is formed in packets, datablockno is represented in a header of the packet, transferred to the apparatus for decrypting data, and used for calculating the counter value required for decrypting the packet.
Preferably, but not necessarily, the apparatus for encrypting data according to an exemplary embodiment of the present invention may further include a packet generating unit (not shown) which generates a packet including a predetermined number of data blocks. In this case, each data block is included in the packet after an exclusive OR operation is performed on the data block and the counter value encrypted using the encryption key.
Also, the counter generation unit 330 may generate the counter value to include a bit for representing the random number Nc, a bit for representing an additional random number Nc2 which is different from the random number Nc, and a bit for representing the counter count as in Mathematical Formula 4.
Here, if the additional random number Nc2 is identical to the random number Nc, the additional random number Nc2 is changed. If the random number Nc is changed, the additional random number Nc2 may not be changed.
Nc|Nc2|count  (4)
For example, the counter value may include a bit for representing a 64-bit random number, a bit for representing a 32-bit additional random number, and a bit for representing a 32-bit counter.
In this case, the random number generation unit 320 has to generate the additional random number Nc2 as well as the random number Nc for generating the encryption key. Accordingly, more operation is required than in the case when only one random number Nc is generated. However, since two random numbers Nc and Nc2 are used, the operation is more stable than when only one random number Nc is used.
If the data is formed in packets, the additional random number Nc2 is represented in the header of the packet, transferred to the apparatus for decrypting data, and used for calculating the counter value required for decrypting the packet.
Alternatively, the counter generation unit 330 may generate the counter value to include a bit for the random number Nc, a bit for representing a packet number packetno, and a bit for representing the counter count as in Mathematical Formula 5.
Nc|packetno|count  (5)
For example, the counter value may include a bit for representing a 64-bit random number, a bit for representing a 32-bit packet number, and a bit for representing a 32-bit counter.
In this case, the packet number packetsno of the counter value to be used for encrypting a data block included in a first packet is 1 and the packet number packetsno of the counter value to be used for encrypting a data block included in a second packet is 2.
In this case, if the random number Nc is changed, packetsno is recalculated from when the random number Nc is changed. Accordingly, packetno of a first packet after the random number Nc is changed is set to 1.
Thus, the same counter value is not used for the same encryption keys when the data is encrypted.
If the data is formed in packets, packetno is represented in the header of the packet, transferred to the apparatus for decrypting data, and used for calculating the counter value required for decrypting the packet.
Also, the counter generation unit 330 may generate the counter value to include a bit for the random number Nc and a bit for representing partial information datapart of a packet as in Mathematical Formula 6.
Nc|datapart  (6)
For example, the counter value may include a bit for representing a 64-bit random number, and a bit for representing 64-bit partial information of the packet.
The partial information of the packet can be used as the counter value because information of each packet has randomness and the counter value can be kept different from other counter values using the randomness.
Also, a counter may be further included in the counter value of Mathematical Formula 6. For example, the counter value may include a bit for representing a 64-bit random number, a bit for representing 32-bit partial information of the packet, and a bit for representing a 32-bit counter.
Furthermore, the counter generation unit 330 may determine the initial counter value to be changed for each packet.
That is, the random number Nc of the initial counter value of Mathematical Formula 2 is changed for each packet.
In this case, whenever the random number Nc is changed, the encryption key is newly generated. Accordingly, additional operation for generating the random number Nc and the encryption key is required for each packet.
The random number Nc may be changed by adding a predetermined value for each packet.
Examples of counter values are not limited to Mathematical Formulae 2 through 6.
FIG. 6 is a flowchart illustrating a method of encrypting data, according to an exemplary embodiment of the present invention.
In operation 610, data in packet units is divided into N data blocks.
In operation 620, an initial counter value is generated using a random number used for generating an encryption key for encrypting the data blocks.
In operation 630, N counter values are generated by increasing the initial value by a predetermined value N times, and the N counter values are encrypted using the encryption key.
In operation 640, an exclusive OR operation is performed on the encrypted counter values and the data blocks.
The exemplary embodiments of the present invention can be written as computer programs and can be implemented in general-use digital computers that execute the programs using a computer readable recording medium. Examples of the computer readable recording medium include magnetic storage media (e.g. ROM, floppy disks, hard disks, etc.), and optical recording media (e.g. CD-ROMs, or DVDs).
The exemplary embodiments of the present invention allow fast and stable data encryption by dividing data in packet units into N data blocks, generating an initial counter value using a random number used for generating an encryption key for encrypting the data blocks, generating N counter values by increasing the initial value by a predetermined value N times, encrypting the N counter values using the encryption key, and performing an exclusive OR operation on the encrypted counter values and the data blocks.
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it will be understood by those of ordinary skill in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. The exemplary embodiments should be considered in a descriptive sense only, and not for purposes of limitation. Therefore, the scope of the invention is defined not by the detailed description of the invention but by the appended claims, and all differences within the scope will be construed as being included in the present invention.

Claims (30)

1. A method of encrypting data, the method executed by a hardware processor, and comprising:
dividing, by the hardware processor, data in packet units into N data blocks;
generating, by the hardware processor, a random number used for generating an encryption key for encrypting the data blocks;
generating, by the hardware processor, an initial counter value using the random number;
generating, by the hardware processor, N counter values by increasing the initial counter value by a predetermined value N times and encrypting the N counter values using the encryption key; and
performing, by the hardware processor, an exclusive OR operation on the N encrypted counter values and the N data blocks,
wherein the N is an integer which is larger than 1.
2. The method of claim 1, wherein each of the N counter values comprises a bit representing the random number, a bit representing a transferred data block number, and a bit representing a counter.
3. The method of claim 1, wherein each of the N counter values comprises a bit representing the random number, a bit representing an additional random number which is different from the random number, and a bit representing a counter.
4. The method of claim 1, further comprising generating a packet formed of a plurality of data blocks from among the N data blocks on which the exclusive OR operation is performed with the N encrypted counter values, wherein each of the N counter values comprises a bit representing the random number, and a bit representing partial information of the packet.
5. The method of claim 4, wherein each of the N counter values further comprises a bit representing a counter.
6. The method of claim 1, further comprising generating a packet formed of a plurality of data blocks from among the N data blocks on which the exclusive OR operation is performed with the N encrypted counter values, wherein each of the N counter values comprises a bit representing the random number, a bit representing a number of the packet, and a bit representing a counter.
7. The method of claim 1, further comprising generating a packet formed of a plurality of data blocks from among the N data blocks on which the exclusive OR operation is performed with the N encrypted counter values, wherein the initial counter value is changed for each packet.
8. The method of claim 7, wherein the initial counter value is increased by a predetermined value for each packet.
9. The method of claim 1, further comprising generating the encryption key based on copy control information of the data, the random number, and an exchange key shared by apparatuses for encrypting and decrypting data.
10. The method of claim 1, wherein the random number is periodically changed.
11. The method of claim 1, wherein the random number is periodically increased by a predetermined value.
12. The method of claim 1, wherein each data block is 128 bits, each counter value is 128 bits, and the random number is equal to or greater than 64 bits.
13. The method of claim 7, wherein the packet comprises a region which represents the random number.
14. The method of claim 7, wherein the packet comprises a region which represents whether the random number is an odd number or an even number in order to represent whether the random number has changed.
15. An apparatus for encrypting data, the apparatus comprising:
a data division hardware unit which divides data in packet units into N data blocks;
a random number generation unit which generates a random number used for generating an encryption key for encrypting the data blocks;
a counter generation unit which generates an initial counter value using the random number and generates N counter values by increasing the initial counter value by a predetermined value N times;
an encryption unit which encrypts the N counter values using the encryption key; and
an operation unit which performs an exclusive OR operation on the N encrypted counter values and the N data blocks,
wherein the N is an integer which is larger than 1.
16. The apparatus of claim 15, wherein each of the N counter values comprises a bit representing the random number, a bit representing a transferred data block number, and a bit representing a counter.
17. The apparatus of claim 15, wherein each of the N counter values comprises a bit representing the random number, a bit representing an additional random number which is different from the random number, and a bit representing a counter.
18. The apparatus of claim 15, further comprising a packet generation unit which generates a packet formed of a plurality of data blocks from among the N data blocks on which the exclusive OR operation is performed with the N encrypted counter values.
19. The apparatus of claim 18, wherein each of the N counter values comprises a bit representing the random number, and a bit representing partial information of the packet.
20. The apparatus of claim 19, wherein each of the N counter values further comprises a bit representing a counter.
21. The apparatus of claim 18, wherein each of the N counter values comprises a bit representing the random number, a bit representing a number of the packet, and a bit representing a counter.
22. The apparatus of claim 18, wherein the counter generation unit determines the initial counter value to be changed for each packet.
23. The apparatus of claim 22, wherein the counter generation unit determines the initial counter value to be increased by a predetermined value for each packet.
24. The apparatus of claim 15, further comprising an encryption key generation unit which generates the encryption key based on copy control information of the data, the random number, and an exchange key shared by apparatuses for encrypting and decrypting data.
25. The apparatus of claim 15, wherein the random number generation unit periodically changes the random number.
26. The apparatus of claim 15, wherein the random number generation unit periodically increases the random number by a predetermined value.
27. The apparatus of claim 15, wherein each data block is 128 bits, each counter value is 128 bits, and the random number is equal to or greater than 64 bits.
28. The apparatus of claim 18, wherein the packet comprises a region which represents the random number.
29. The apparatus of claim 18, wherein the packet comprises a region which represents whether the random number is an odd number or an even number in order to represent whether the random number has changed.
30. A non-transitory computer readable recording medium having embodied thereon instructions that, when executed by a computer, causes the computer to execute a method of encrypting data, the method comprising:
dividing data in packet units into N data blocks;
generating an initial counter value using a random number used for generating an encryption key for encrypting the data blocks;
generating N counter values by increasing the initial counter value by a predetermined value N times and encrypting the N counter values using the encryption key; and
performing an exclusive OR operation on the N encrypted counter values and the N data blocks,
wherein the N is an integer which is larger than 1.
US11/946,269 2006-12-04 2007-11-28 Method and apparatus for encrypting data Expired - Fee Related US8204215B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US11/946,269 US8204215B2 (en) 2006-12-04 2007-11-28 Method and apparatus for encrypting data

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US87250106P 2006-12-04 2006-12-04
KR10-2007-0029367 2007-03-26
KR1020070029367A KR101369748B1 (en) 2006-12-04 2007-03-26 Method for encrypting datas and appatus therefor
US11/946,269 US8204215B2 (en) 2006-12-04 2007-11-28 Method and apparatus for encrypting data

Publications (2)

Publication Number Publication Date
US20080130881A1 US20080130881A1 (en) 2008-06-05
US8204215B2 true US8204215B2 (en) 2012-06-19

Family

ID=39806084

Family Applications (1)

Application Number Title Priority Date Filing Date
US11/946,269 Expired - Fee Related US8204215B2 (en) 2006-12-04 2007-11-28 Method and apparatus for encrypting data

Country Status (4)

Country Link
US (1) US8204215B2 (en)
EP (1) EP2060054A4 (en)
KR (1) KR101369748B1 (en)
WO (1) WO2008069473A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120311288A1 (en) * 2011-06-03 2012-12-06 Callas Jonathan D Secure storage of full disk encryption keys

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8391475B2 (en) * 2007-03-30 2013-03-05 Intel Corporation Method and apparatus for advanced encryption standard (AES) block cipher
US8355499B2 (en) * 2008-12-12 2013-01-15 Micron Technology, Inc. Parallel encryption/decryption
DE102013208730A1 (en) * 2013-05-13 2014-11-13 Robert Bosch Gmbh Secure transmission of a sequence of data to be transmitted
KR101584220B1 (en) * 2014-05-30 2016-01-11 이니텍(주) Encoding Method for Maintaining Sorting Order of Encrypted Data
CN105426775B (en) * 2015-11-09 2018-06-19 北京联合大学 A kind of method and system for protecting smart mobile phone information security
FR3050348A1 (en) * 2016-04-18 2017-10-20 Orange METHOD FOR OBTAINING A SECURITY TOKEN BY A MOBILE TERMINAL
CN108696347B (en) * 2017-04-12 2021-02-19 展讯通信(上海)有限公司 Bluetooth AES encryption starting method and system and Bluetooth master and slave devices
CN108092762A (en) * 2017-12-19 2018-05-29 安语(北京)科技有限公司 A kind of USB interface-based voice data encryption device, system and method
KR101888548B1 (en) * 2018-05-08 2018-08-14 (주)위즈네트 Random number generation method, random number generation device and communication apparatus comprising the device
JP6464310B2 (en) * 2018-10-02 2019-02-06 日本放送協会 Encryption device and decryption device
JP6464309B2 (en) * 2018-10-02 2019-02-06 日本放送協会 Encryption device and decryption device
CN109359486B (en) * 2018-10-24 2021-07-27 华中科技大学 Encryption and decryption system and operation method thereof
US11171955B2 (en) * 2019-03-11 2021-11-09 Intel Corporation Link protection for trusted input/output devices
CN111538475B (en) * 2020-03-25 2023-06-23 上海交通大学 System and method for constructing true random number generator based on FPGA
CN114697463B (en) * 2020-12-31 2023-11-21 思特威(上海)电子科技股份有限公司 Encryption transmission method and image sensor
KR102531876B1 (en) * 2022-10-25 2023-05-12 주식회사 쿼드마이너 Intelligent smart low-power encryption method and system for secure communication of unmanned weapon system
KR20240057966A (en) * 2022-10-25 2024-05-03 주식회사 쿼드마이너 Low Power Encryption Methods and Systems

Citations (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010033656A1 (en) * 2000-01-31 2001-10-25 Vdg, Inc. Block encryption method and schemes for data confidentiality and integrity protection
US20020044651A1 (en) * 2000-05-16 2002-04-18 Tuvell Walter E. Method and apparatus for improving the security of cryptographic ciphers
US20020048364A1 (en) * 2000-08-24 2002-04-25 Vdg, Inc. Parallel block encryption method and modes for data confidentiality and integrity protection
US20020172359A1 (en) * 2001-05-17 2002-11-21 Markku-Juhani Saarinen Method and apparatus for improved pseudo-random number generation
US20030108196A1 (en) * 2001-10-12 2003-06-12 Alexey Kirichenko Data encryption
US20040103279A1 (en) * 2002-10-15 2004-05-27 Alten Alex I. Systems and methods for providing autonomous security
US20040131182A1 (en) 2002-09-03 2004-07-08 The Regents Of The University Of California Block cipher mode of operation for constructing a wide-blocksize block cipher from a conventional block cipher
US20050021986A1 (en) * 2003-06-25 2005-01-27 Graunke Gary L. Apparatus and method for memory encryption with reduced decryption latency
US20050201554A1 (en) * 2004-03-11 2005-09-15 Glen Kramer Method for data encryption in an ethernet passive optical network
US20060020941A1 (en) * 2004-07-02 2006-01-26 Ntt Docomo, Inc. Multitask execution system
US20060023875A1 (en) * 2004-07-30 2006-02-02 Graunke Gary L Enhanced stream cipher combining function
US20060159260A1 (en) * 2005-01-14 2006-07-20 Eaton Corporation Method and communication system employing secure key exchange for encoding and decoding messages between nodes of a communication network
US7093126B1 (en) * 2000-04-14 2006-08-15 International Business Machines Corporation Encryption schemes with almost free integrity awareness
US20070055873A1 (en) * 2003-12-30 2007-03-08 Manuel Leone Method and system for protecting data, related communication network and computer program product
US20070081670A1 (en) * 2005-10-11 2007-04-12 Andrew Topham Data transfer device
US20070106896A1 (en) * 2005-11-08 2007-05-10 Sandberg Melanie J Method and system for generating ciphertext and message authentication codes utilizing shared hardware
US20070192594A1 (en) * 2005-01-11 2007-08-16 Ji-Cheol Lee Apparatus and method for ciphering/deciphering a signal in a communication system
US20080114994A1 (en) * 2006-11-14 2008-05-15 Sree Mambakkam Iyer Method and system to provide security implementation for storage devices
US20080170691A1 (en) * 2005-03-10 2008-07-17 Sung-Cheol Chang Encryption And Decryption Device In Wireless Portable Internet System,And Method Thereof
US7406595B1 (en) * 2004-05-05 2008-07-29 The United States Of America As Represented By The Director, National Security Agency Method of packet encryption that allows for pipelining
US20100067687A1 (en) * 2004-12-06 2010-03-18 The Trustees Of The Stevens Institute Of Technology Method and apparatus for maintaining data integrity for block-encryption algorithms

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003288012A (en) 2002-03-28 2003-10-10 Seiko Epson Corp Cryptograph system and data transfer controller
WO2005010850A1 (en) * 2003-07-14 2005-02-03 Sony Corporation Encryption/decryption device and method

Patent Citations (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010033656A1 (en) * 2000-01-31 2001-10-25 Vdg, Inc. Block encryption method and schemes for data confidentiality and integrity protection
US7093126B1 (en) * 2000-04-14 2006-08-15 International Business Machines Corporation Encryption schemes with almost free integrity awareness
US20020044651A1 (en) * 2000-05-16 2002-04-18 Tuvell Walter E. Method and apparatus for improving the security of cryptographic ciphers
US20020048364A1 (en) * 2000-08-24 2002-04-25 Vdg, Inc. Parallel block encryption method and modes for data confidentiality and integrity protection
US20020172359A1 (en) * 2001-05-17 2002-11-21 Markku-Juhani Saarinen Method and apparatus for improved pseudo-random number generation
US20030108196A1 (en) * 2001-10-12 2003-06-12 Alexey Kirichenko Data encryption
US20040131182A1 (en) 2002-09-03 2004-07-08 The Regents Of The University Of California Block cipher mode of operation for constructing a wide-blocksize block cipher from a conventional block cipher
US20040103279A1 (en) * 2002-10-15 2004-05-27 Alten Alex I. Systems and methods for providing autonomous security
US20050021986A1 (en) * 2003-06-25 2005-01-27 Graunke Gary L. Apparatus and method for memory encryption with reduced decryption latency
US20070055873A1 (en) * 2003-12-30 2007-03-08 Manuel Leone Method and system for protecting data, related communication network and computer program product
US20050201554A1 (en) * 2004-03-11 2005-09-15 Glen Kramer Method for data encryption in an ethernet passive optical network
US7406595B1 (en) * 2004-05-05 2008-07-29 The United States Of America As Represented By The Director, National Security Agency Method of packet encryption that allows for pipelining
US20060020941A1 (en) * 2004-07-02 2006-01-26 Ntt Docomo, Inc. Multitask execution system
US20060023875A1 (en) * 2004-07-30 2006-02-02 Graunke Gary L Enhanced stream cipher combining function
US20100067687A1 (en) * 2004-12-06 2010-03-18 The Trustees Of The Stevens Institute Of Technology Method and apparatus for maintaining data integrity for block-encryption algorithms
US20070192594A1 (en) * 2005-01-11 2007-08-16 Ji-Cheol Lee Apparatus and method for ciphering/deciphering a signal in a communication system
US20060159260A1 (en) * 2005-01-14 2006-07-20 Eaton Corporation Method and communication system employing secure key exchange for encoding and decoding messages between nodes of a communication network
US20080170691A1 (en) * 2005-03-10 2008-07-17 Sung-Cheol Chang Encryption And Decryption Device In Wireless Portable Internet System,And Method Thereof
US20070081670A1 (en) * 2005-10-11 2007-04-12 Andrew Topham Data transfer device
US20070106896A1 (en) * 2005-11-08 2007-05-10 Sandberg Melanie J Method and system for generating ciphertext and message authentication codes utilizing shared hardware
US20080114994A1 (en) * 2006-11-14 2008-05-15 Sree Mambakkam Iyer Method and system to provide security implementation for storage devices

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
David Wagner, et al., "Comments to NIST Concerning AES Modes of Operations: CTR-Mode Encryption"; Sep. 2000, http://www.cs.udavis.edu/;rogaway/papers/ctr.pdf; see Review of Counter-Mode Encryption and Figure 1: Encryption and decryption process in counter mode; pp. 1-4.
Menezes, Alfred J. et al. "Handbook of Applied Cryptography," 1997, CRC Press, p. 20. *
R. Tirtea and G. Deconinck. "Specifications overview for Counter Mode of Operation. Security Aspects in Case of Faults." In Electrotechnical Conference, 2004. MELECON 2004. Proceedings of the 12th IEEE Mediterranean, pp. 769-773 vol. 2, 2004. *
U.S. Appl. No. 60/204,510. *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120311288A1 (en) * 2011-06-03 2012-12-06 Callas Jonathan D Secure storage of full disk encryption keys
US9235532B2 (en) * 2011-06-03 2016-01-12 Apple Inc. Secure storage of full disk encryption keys

Also Published As

Publication number Publication date
KR20080050932A (en) 2008-06-10
WO2008069473A1 (en) 2008-06-12
EP2060054A4 (en) 2015-07-22
KR101369748B1 (en) 2014-03-06
EP2060054A1 (en) 2009-05-20
US20080130881A1 (en) 2008-06-05

Similar Documents

Publication Publication Date Title
US8204215B2 (en) Method and apparatus for encrypting data
JP3901909B2 (en) ENCRYPTION DEVICE AND RECORDING MEDIUM CONTAINING PROGRAM
US9712319B2 (en) Method and apparatus to encrypt plaintext data
US12021984B2 (en) Content management systems and methods using proxy reencryption
US7945049B2 (en) Stream cipher using multiplication over a finite field of even characteristic
US8108674B2 (en) Transmitting/receiving system and method, transmitting apparatus and method, receiving apparatus and method, and program used therewith
EP3467808A1 (en) Encryption device, encryption method, decryption device, and decryption method
CN101753292A (en) Methods and devices for a chained encryption mode
US20060188098A1 (en) Encryption/decryption device, communication controller, and electronic instrument
US20120191984A1 (en) Data encryption device and memory card
WO2011105367A1 (en) Block encryption device, block decryption device, block encryption method, block decryption method and program
US7783045B2 (en) Secure approach to send data from one system to another
CN103580851A (en) Information encryption and decryption method
Reyad et al. Key-based enhancement of data encryption standard for text security
US20110182419A1 (en) Encryption algorithm with randomized buffer
US20080192924A1 (en) Data encryption without padding
KR101095386B1 (en) A Cryptosystem with a Discretized Chaotic Map
JP2011151689A (en) Information processing apparatus and information processing method
US7773753B2 (en) Efficient remotely-keyed symmetric cryptography for digital rights management
CN118369888A (en) Automatic key scrolling for link encryption
Alenezi et al. On the performance of AES algorithm variants
CN111131158A (en) Single byte symmetric encryption and decryption method, device and readable medium
KR100494560B1 (en) Real time block data encryption/decryption processor using Rijndael block cipher and method therefor
Almarimi et al. A new approach for data encryption using genetic algorithms
CN112787814A (en) Upper computer communication encryption method and system

Legal Events

Date Code Title Description
AS Assignment

Owner name: SAMSUNG ELECTRONICS CO., LTD., KOREA, DEMOCRATIC P

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:YOU, YONG-KUK;KIM, SEONG-SOO;CHOI, SANG-SU;AND OTHERS;REEL/FRAME:020203/0510

Effective date: 20070831

AS Assignment

Owner name: SAMSUNG ELECTRONICS CO., LTD., KOREA, REPUBLIC OF

Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE COUNTRY OF THE ASSIGNEE PREVIOUSLY RECORDED ON REEL 020203 FRAME 0510. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT OF ASSIGNOR'S INTEREST.;ASSIGNORS:YOU, YONG-KUK;KIM, SEONG-SOO;CHOI, SANG-SU;AND OTHERS;REEL/FRAME:020315/0586

Effective date: 20070831

Owner name: SAMSUNG ELECTRONICS CO., LTD., KOREA, REPUBLIC OF

Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE COUNTRY OF THE ASSIGNEE PREVIOUSLY RECORDED ON REEL 020203 FRAME 0510. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT OF ASSIGNOR'S INTEREST;ASSIGNORS:YOU, YONG-KUK;KIM, SEONG-SOO;CHOI, SANG-SU;AND OTHERS;REEL/FRAME:020315/0586

Effective date: 20070831

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCF Information on status: patent grant

Free format text: PATENTED CASE

FPAY Fee payment

Year of fee payment: 4

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

LAPS Lapse for failure to pay maintenance fees

Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20200619